Free Cyber Essentials consultancy for your organisation

Earlier this year, the government announced the launch of a £1 million cyber security Innovation Voucher scheme, which provides individual grants of £5,000 to help SMEs in the UK pay for external cyber security expertise “to boost their cyber security and protect new business ideas and intellectual property”.

Round 14 of the Innovation Voucher scheme opened on 29 October and closes at noon on 05 January. You can now apply for your cyber security Innovation Voucher here >>

“You can get an Innovation Voucher worth up to £5,000 to pay for an external expert. This expert will give you advice on cyber security for your business and may be able to help you acquire accreditation through Cyber Essentials. You can also use the voucher for advice on how to protect new business ideas and intellectual property in cyber security.

“The Cyber Essentials scheme helps organisations protect themselves against common cyber attacks. It can help you develop a secure platform for your business activities. You can also get accreditation to show that you have taken these precautions.

“You may need accreditation if you are a supplier bidding for a government contract. Since 2014, all suppliers handling sensitive and personal information need Cyber Essentials accreditation.”

The Cyber Essentials scheme provides a set of five controls that organisations can implement to achieve a baseline of cyber security, and against which they can achieve certification to prove their credentials. These five controls can help prevent 80% of the most common attacks.

Certification to the Cyber Essentials scheme will demonstrate to your customers and business partners that fundamental cyber security measures are in place, and provides evidence to validate your organisation’s security posture. There are two levels of certification available: Cyber Essentials and Cyber Essentials Plus.

Cyber Essentials requires a company to complete a self-assessment questionnaire, which must be signed off by a senior company representative and then verified by an external certification body. An external vulnerability scan is also required if the company chooses to be certified by a CREST-approved certification body such as IT Governance.

Cyber Essentials Plus requires a more advanced level of assurance. In addition to meeting the requirements of Cyber Essentials, organisations must undergo an internal assessment and internal scan conducted on-site by the certification body.

The new government voucher scheme covers Cyber Essentials Plus, as Innovate UK explains:

“You can use an Innovation Voucher towards the cost of Cyber Essentials PLUS. You cannot use it for Cyber Essentials alone but you may be able to use it to get extra advice that leads to Cyber Essentials.”